package com.security.scanner.alternative.scanner;

import com.security.scanner.action.Crawler;
import org.openqa.selenium.chrome.ChromeDriver;

import java.io.File;
import java.io.IOException;
import java.util.HashSet;
import java.util.List;

public class WebVulnerabilityScanner {

    public static void main(String[] args) {

        TestWebDriver testWebDriver = new TestWebDriver(new ChromeDriver());
        AttackVectorProcessor attackVectorProcessor = new AttackVectorProcessor(new File("resources", "attackVector.txt"));
        List<String> listOfAttackVectors = attackVectorProcessor.getAttackVectorsFromFile();

        Crawler myCrawler;
//        String urlToAttack = "http://127.0.0.1:8080/wavsep/RXSS-FalsePositives-GET/index.jsp";
//        String urlToAttack = "http://127.0.0.1:8080/wavsep/RXSS-Detection-Evaluation-POST/index.jsp";
//        String urlToAttack = "http://127.0.0.1:8080/wavsep/RXSS-Detection-Evaluation-POST/Case2-Tag2TagScope.jsp";
        String urlToAttack = "http://owaspbwa/wavsep/active/RXSS-Detection-Evaluation-POST-Experimental/index.jsp";
        try {
            myCrawler = new Crawler(urlToAttack);
            myCrawler.crawl();
            HashSet<String> processedUrls = (HashSet<String>) myCrawler.getProcessed();
            for (String processedUrl : processedUrls) {
                scanUrlForXssVulnerabilities(testWebDriver, processedUrl, listOfAttackVectors);
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        testWebDriver.shutdown();
    }

    private static void scanUrlForXssVulnerabilities(TestWebDriver testWebDriver, String urlToAttack, List<String> listOfAttackVectors) {

        for (String attackVector : listOfAttackVectors) {
            testWebDriver.attack(urlToAttack).using(attackVector).run();
            testWebDriver.executionReportFor(attackVector).waitFor();
        }
    }
}
